On your phone or when sharing your language learning projects across devices, our users trust us to keep their data secure, private, and available whenever they need it. We take that responsibility seriously.
At Zyntx Lab, we maintain a security system that:
- Prevents all unauthorized access;
- Supports continuous monitoring for potential vulnerabilities; and
- Embraces ongoing, proactive improvement to stay on top of the latest security tools and threats.
Data Protection
In Transit
All user data including activity names, event names, comments, uploaded files, account information, and payment information are sent using industry best practices regarding traffic: Specifically, we use TLS 1.1-1.2-1.3 secure channels and support both 128-bit or 256-bit configurations, depending on the browser.
At Rest
We use Google servers to host all user data. We make extensive use of their built-in firewalls to protect your data against unauthorized remote access.
Projects, tasks, comments, account information, and payment information are all stored and encrypted at rest.
All files uploaded are stored and encrypted at rest. Encrypting these files adds an additional layer of security. Files uploaded prior to this date are still fully protected from unauthorized physical and remote access by Google firewalls.
Google data centers undergo annual certifications to ensure they meet the highest standards of physical and virtual security. You can find more information on Google security practices at update (https://safety.google/security-privacy/.)
All data included Google Drive attachments remain on those companies’ servers and are covered by their respective security policies and practices.
Data Reliability
If you are using the App as a standalone service you do not share application data with us. However, all user data share with us through the App are automatically backed up on Firebase servers with multiple redundant copies.
Report a Vulnerability
If you discover any security vulnerability in PolyTrak, please submit a report and we’ll do our best to fix it right away.
Account Access
We verify account access through both email/password-based authentication and Google Accounts authentication via OAuth 2.0.
When email/password-based authentication is used, we always store individual passwords with unique salts to add an extra layer of protection to your account.
Alternatively, OAuth provides a seamless way to create and access your account without Todoist ever needing to access or store your Google login credentials
Data Privacy
We make it a priority to be transparent in how we collect, use, and handle your information when you use our website and software. Please see our full privacy policy for more details.